Posted (edited)

Hello everyone!

After an HJT scan, ZHP tells me there is a possible Vundo infection.

Could you check my log and tell me what I need to do to eradicate or remove this alert ...

Thanks in advance for your help.

The log:

Zeb Help Process v2.36.01 by Nicolas Coolman - Rapport Général du 15/08/2010 11:02:44

 

Logfile of Trend Micro HijackThis v2.0.4

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v8.00 (8.00.6001.18943)

Boot mode: Normal

 

 

---\\ Processus lancés

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Secunia\PSI\psi.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\ZebHelpProcess\ZHP2.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

 

 

---\\ Analyse des lignes R0, R1, R2, R3 - Internet Explorer Start/Search pages URLs

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll

 

---\\ Analyse des autres lignes (Others)

 

---\\ Redirection du fichier Hosts (O1)

O1 - Hosts: ::1 localhost

 

---\\ Applications démarrées automatiquement par le registre (O4)

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min

 

---\\ Pirates de Winsock LSP (Layered Service Provider)

O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - https://static.impots.gouv.fr/abos/static/securite/certdgi1.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe

O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe

O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: hpqcxs08 - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Service HP CUE DeviceDiscovery (hpqddsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Assistance IP (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: Net Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Pml Driver HPZ12 - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe

O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe

O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: Acquisition d'image Windows (WIA) (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100 (WPFFontCache_v0400) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe

O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe

O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

 

Ligne traitée : 148/148

 

 

jpt

Edited by jpt

Posted

Hello jpt :)

There is nothing abnormal in this log.

"After an HJT scan, ZHP tells me there is a possible Vundo infection"

And could you tell me which line, please?

See you

Posted

Hello Florinator, and thanks for your help!

As for the line, I can't answer you, because ZHP reports a possible Vundo infection but gives no details!

jpt

Posted

Hi again :)

Can you run a ZHPDiag scan again, but a full one, please.

In the options (PanelGlobal.jpg), once it is open, tick all the boxes.

Scan the machine and then post me the report, please.

See you

Posted

Hello again!

Here is the log:


Rapport de ZHPDiag v1.26.29 par Nicolas Coolman, Update du 20/07/2010

Run by jeanpaul at 15/08/2010 16:23:42

Web site : ZHPDiag Outil de diagnostic

Contact : nicolascoolman@yahoo.fr

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18943

MFIE: Mozilla Firefox (3.6.8)

 

---\\ System Information

Platform : Windows Vista Home Premium (6.0.6002) Service Pack 2

Processor: x86 Family 15 Model 67 Stepping 2, AuthenticAMD

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 2045 MB (63% free)

System drive C: has 261 GB (73%) free of 357 GB

 

---\\ Logged in mode

Computer Name: PC-DE-JEANPAUL

User Name: jeanpaul

All Users Names: jeanpaul, Administrateur,

Unselected Option: None

Logged in as Administrator

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 261 Go of 357 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 94 Go of 95 Go)

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] UacDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK

 

 

---\\ Processus lancés

[MD5.CF4A0E2C240501C826977ACC5F0E8411] - (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [282792]

[MD5.D449C2456FCFC8DDA896F1DD27D0A476] - (.Secunia - Secunia PSI.) -- C:\Program Files\Secunia\PSI\psi.exe [911920]

[MD5.BACCDA841C689D1CBA941F478E8ED24B] - (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe [910296]

[MD5.642FA80C2C43EE609313746AA305DC86] - (.Mozilla Corporation - Plugin Container for Firefox.) -- C:\Program Files\Mozilla Firefox\plugin-container.exe [14808]

[MD5.29C81875332F7084321C3A82A9A7BF9F] - (.Trend Micro Inc. - HijackThis.) -- C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe [388096]

[MD5.F6A5E7D2B2A9D12ED5CDCFF384B7C6A8] - (.Nicolas Coolman - Analyseur de rapports sécurité.) -- C:\Program Files\ZebHelpProcess\ZHP2.exe [886272]

[MD5.05456D4608874F29B2B23D52FAF0F7DE] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZebHelpProcess\ZHPDiag.exe [1372160]

 

 

---\\ Plugin du navigateur Opera (P1)

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN: [HKLM] [@adobe.com/FlashPlayer] - (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\Macromed\Flash\NPSWF32.dll

P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_21 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.50524.0.) -- c:\Program Files\Microsoft Silverlight\4.0.50524.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=8] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.2.183.23\npGoogleOneClick8.dll

P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.1.2] - (.the VideoLAN Team - Version 1.1.2, copyright 1996-2010 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

 

 

---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,

F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

---\\ Pages de recherche d'Internet Explorer (R1)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

 

 

---\\ Internet Explorer URLSearchHook (R3)

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} . (.Pas de propriétaire - Pas de description.) (No version) -- C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll

 

 

---\\ Applications démarrées automatiquement par le registre (O4)

O4 - HKLM\..\Run: [avgnt] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O4 - HKLM\..\policies\Explorer: [bindDirectlyToPropertySetStorage] Data=0 (.not file.)

O4 - HKLM\..\policies\Explorer: [NoDriveAutoRun] Data=67108863 (.not file.)

O4 - HKLM\..\policies\Explorer: [NoDriveTypeAutoRun] Data=255 (.not file.)

O4 - HKLM\..\policies\Explorer: [HonorAutoRunSetting] Data=1 (.not file.)

O4 - HKCU\..\policies\Explorer: [NoDriveTypeAutoRun] Data=255 (.not file.)

O4 - HKCU\..\policies\Explorer: [NoDriveAutoRun] Data=67108863 (.not file.)

O4 - HKCU\..\policies\Explorer: [HonorAutoRunSetting] Data=1 (.not file.)

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Network Location Awareness 2.) -- C:\Windows\system32\NLAapi.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - Fournisseur Shim d'affectation de noms de messagerie.) -- C:\Windows\system32\napinsp.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Fournisseur d’espace de noms PNRP.) -- C:\Windows\system32\pnrpnsp.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\Windows\system32\mswsock.dll

O10 - WLSP:\000000000006\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\Windows\system32\winrnr.dll

O10 - Broken Internet access because of LSP provider (.not file.) -- C:\Program Files\Bonjour\mdnsNSP.dll

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {04CB5B64-5915-4629-B869-8945CEBADD21} (Module de délivrance de certificat MINEFI) - (.not file.) - https:\\static.impots.gouv.fr\abos\static\securite\certdgi1.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSODL) (O21)

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Contrôleur de site Web.) -- C:\Windows\System32\webcheck.dll

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\Windows\system32\browseui.dll

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) . (.Avira GmbH - Antivirus Scheduler.) - C:\Program Files\Avira\AntiVir Desktop\sched.exe

O23 - Service: Avira AntiVir Guard (AntiVirService) . (.Avira GmbH - Antivirus On-Access Service.) - C:\Program Files\Avira\AntiVir Desktop\avguard.exe

O23 - Service: (Ati External Event Utility) . (.ATI Technologies Inc. - ATI External Event Utility EXE Module.) - C:\Windows\system32\Ati2evxx.exe

O23 - Service: TomTomHOMEService (TomTomHOMEService) . (.TomTom - Windows Service for TomTom HOME.) - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-218364759-2932834087-4253310726-1000Core.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\Scheduled scanning task.job

O39 - APT:Automatic Planified Task - C:\Windows\Tasks\User_Feed_Synchronization-{4742727D-01D4-4D9E-B3EA-B117C3C642DC}.job

 

 

---\\ Composants installés (ActiveSetup Installed Components) (O40)

O40 - ASIC: Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608500} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\regutils.dll

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: avipbb (avipbb) . (.Avira GmbH - Avira Driver for Security Enhancement.) - C:\Windows\system32\DRIVERS\avipbb.sys

O41 - Driver: ssmdrv (ssmdrv) . (.Avira GmbH - AVIRA SnapShot Driver.) - C:\Windows\system32\DRIVERS\ssmdrv.sys

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: 32 Bit HP CIO Components Installer - (.Hewlett-Packard.) [HKLM]

O42 - Logiciel: ATI AVIVO Codecs - (.ATI Technologies Inc..) [HKLM]

O42 - Logiciel: ATI Catalyst Registration - (.ATI Technologies Inc..) [HKLM]

O42 - Logiciel: ATI Uninstaller - (.ATI Technologies, Inc..) [HKLM]

O42 - Logiciel: Acrobat.com - (.Adobe Systems Incorporated.) [HKLM]

O42 - Logiciel: Adobe AIR - (.Adobe Systems Inc..) [HKLM]

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM]

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM]

O42 - Logiciel: Adobe Reader 9.3.3 - Français - (.Adobe Systems Incorporated.) [HKLM]

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Avira AntiVir Personal - Free Antivirus - (.Avira GmbH.) [HKLM]

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM]

O42 - Logiciel: Catalyst Control Center - Branding - (.ATI.) [HKLM]

O42 - Logiciel: Creative WebCam Center - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Creative WebCam Live! Pro Driver (1.01.01.1011) - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: DeepBurner v1.8.0.224 - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: DeepRipper v 1.1 - (.Astonsoft.) [HKLM]

O42 - Logiciel: Defraggler - (.Piriform.) [HKLM]

O42 - Logiciel: Détecteur de flux Windows Live Toolbar (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: EVEREST Home Edition v2.20 - (.Lavalys Inc.) [HKLM]

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM]

O42 - Logiciel: Google Earth - (.Google.) [HKLM]

O42 - Logiciel: HP Customer Participation Program 8.0 - (.HP.) [HKLM]

O42 - Logiciel: HP Imaging Device Functions 8.0 - (.HP.) [HKLM]

O42 - Logiciel: HP OCR Software 8.0 - (.HP.) [HKLM]

O42 - Logiciel: HP Photosmart Essential - (.HP.) [HKLM]

O42 - Logiciel: HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B - (.HP.) [HKLM]

O42 - Logiciel: HP Solution Center 8.0 - (.HP.) [HKLM]

O42 - Logiciel: HP Update - (.Hewlett-Packard.) [HKLM]

O42 - Logiciel: HPSSupply - (.Nom de votre société.) [HKLM]

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: IZArc 3.81 - (.Ivan Zahariev.) [HKLM]

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Java DB 10.5.3.0 - (.Sun Microsystems, Inc.) [HKLM]

O42 - Logiciel: Java 6 Update 21 - (.Sun Microsystems, Inc..) [HKLM]

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM]

O42 - Logiciel: Malwarebytes' Anti-Malware - (.Malwarebytes Corporation.) [HKLM]

O42 - Logiciel: Manuel d'utilisation de Creative WebCam Live! Pro (Français) - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Menus intelligents (Windows Live Toolbar) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft .NET Framework 3.5 Language Pack SP1 - fra - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft .NET Framework 4 Client Profile FRA Language Pack - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Money - (.Microsoft.) [HKLM]

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Visual C++ 2005 Redistributable - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Module linguistique Microsoft .NET Framework 3.5 SP1- fra - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Module linguistique Microsoft .NET Framework 4 Client Profile FRA - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Mozilla Firefox (3.6.8) - (.Mozilla.) [HKLM]

O42 - Logiciel: Mozilla Thunderbird (3.1.2) - (.Mozilla.) [HKLM]

O42 - Logiciel: Nero 7 Essentials - (.Nero AG.) [HKLM]

O42 - Logiciel: OpenOffice.org 3.2 - (.OpenOffice.org.) [HKLM]

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Package de pilotes Windows - eMPIA Technology Inc, (emAudio) MEDIA (08/31/2007 5.7.0831.0) - (.eMPIA Technology Inc,.) [HKLM]

O42 - Logiciel: Panneau de configuration MobileMe - (.Apple Inc..) [HKLM]

O42 - Logiciel: Pinnacle PCTV MCE - (.Pinnacle Systems.) [HKLM]

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM]

O42 - Logiciel: Realtek 8139 and 8139C+ Ethernet Network Card Driver for Windows Vista - (.Realtek.) [HKLM]

O42 - Logiciel: Realtek Ethernet Network Card Diagnostic tool for Windows Vista - (.Realtek.) [HKLM]

O42 - Logiciel: Realtek High Definition Audio Driver - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Revo Uninstaller 1.89 - (.VS Revo Group.) [HKLM]

O42 - Logiciel: Secunia PSI - (.Pas de propriétaire.) [HKLM]

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Skype 4.2 - (.Skype Technologies S.A..) [HKLM]

O42 - Logiciel: Test_OnlineDiagnostic - (.Ihr Firmenname.) [HKLM]

O42 - Logiciel: TomTom HOME 2.7.5.2014 - (.TomTom.) [HKLM]

O42 - Logiciel: TomTom HOME Visual Studio Merge Modules - (.TomTom International B.V..) [HKLM]

O42 - Logiciel: USB Video Driver - (.EETI.) [HKLM]

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: VLC media player 1.1.2 - (.VideoLAN.) [HKLM]

O42 - Logiciel: VoiceOver Kit - (.Apple Inc..) [HKLM]

O42 - Logiciel: Windows Driver Package - Silicon Integrated Systems Corp.(1.09d.00) (SIS163u) Net (01/25/2007 6.0.1039.1094) - (.Silicon Integrated Systems Corp.(1.09d.00).) [HKLM]

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Movie Maker - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM]

O42 - Logiciel: Windows Media Player Firefox Plugin - (.Microsoft Corp.) [HKLM]

O42 - Logiciel: ZebHelpProcess 2.36 - (.Nicolas Coolman.) [HKLM]

O42 - Logiciel: neroxml - (.Nero AG.) [HKLM]

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\ATI Technologies Inc.]

[HKCU\Software\ATI]

[HKCU\Software\Adobe]

[HKCU\Software\Ahead]

[HKCU\Software\Akella]

[HKCU\Software\AppDataLow\Software\Microsoft]

[HKCU\Software\AppDataLow\Software\Monitored]

[HKCU\Software\AppDataLow\Software\settings]

[HKCU\Software\AppDataLow\Software]

[HKCU\Software\AppDataLow]

[HKCU\Software\Astonsoft]

[HKCU\Software\Avira]

[HKCU\Software\Borland]

[HKCU\Software\Bugsplat]

[HKCU\Software\CDDB]

[HKCU\Software\CanonBJ]

[HKCU\Software\ClassesB]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Creative Tech]

[HKCU\Software\Folder Manager]

[HKCU\Software\Google]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\HookNetwork]

[HKCU\Software\IM Providers]

[HKCU\Software\IZSoftware]

[HKCU\Software\Iris]

[HKCU\Software\JavaSoft]

[HKCU\Software\Lavalys]

[HKCU\Software\Lavasoft]

[HKCU\Software\Licenses]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MarineCat]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\Nero]

[HKCU\Software\Netscape]

[HKCU\Software\Northcode Inc]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\Pando Networks]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Realtek]

[HKCU\Software\Secunia]

[HKCU\Software\Skyline]

[HKCU\Software\Skype]

[HKCU\Software\StockholmInteractive]

[HKCU\Software\Sysinternals]

[HKCU\Software\TCP Optimizer]

[HKCU\Software\Thunderbird]

[HKCU\Software\TomTom]

[HKCU\Software\Trend Micro]

[HKCU\Software\Trolltech]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VSRevoGroup]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\Winamp]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\keyhole.com]

[HKCU\Software\mindscape]

[HKLM\Software\8169Diag]

[HKLM\Software\AMD]

[HKLM\Software\ATI Technologies]

[HKLM\Software\ATI]

[HKLM\Software\Adobe]

[HKLM\Software\Audible]

[HKLM\Software\Avira]

[HKLM\Software\BisonCam]

[HKLM\Software\Borland]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Contrôle Parental]

[HKLM\Software\Creative Tech]

[HKLM\Software\Data Fellows]

[HKLM\Software\EETI]

[HKLM\Software\Fujitsu Siemens Computers]

[HKLM\Software\Fujitsu Siemens]

[HKLM\Software\FullCircle]

[HKLM\Software\GEAR Software]

[HKLM\Software\Google]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\InstallShield]

[HKLM\Software\Intel]

[HKLM\Software\JavaRa]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\Macromedia]

[HKLM\Software\Mindscape]

[HKLM\Software\Mozilla Thunderbird]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\Nero]

[HKLM\Software\ODBC]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\PepiMK Software]

[HKLM\Software\Pinnacle Systems]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Preclick]

[HKLM\Software\RTLSetup]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\SRS Labs]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Secunia]

[HKLM\Software\Skype]

[HKLM\Software\Sonic]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\SymNRT]

[HKLM\Software\Symantec]

[HKLM\Software\TomTom]

[HKLM\Software\TrendMicro]

[HKLM\Software\VideoLAN]

[HKLM\Software\Volatile]

[HKLM\Software\Windows]

[HKLM\Software\X-AVCSD]

[HKLM\Software\Xerox]

[HKLM\Software\ahead]

[HKLM\Software\mozilla.org]

 

 

---\\ Contenu des dossiers Fichiers Communs (O43)

O43 - CFD:Common File Directory ----D- C:\Program Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Astonsoft

O43 - CFD:Common File Directory ----D- C:\Program Files\ATI

O43 - CFD:Common File Directory ----D- C:\Program Files\ATI Technologies

O43 - CFD:Common File Directory ----D- C:\Program Files\Avira

O43 - CFD:Common File Directory ----D- C:\Program Files\backups

O43 - CFD:Common File Directory ----D- C:\Program Files\CCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\CDBurnerXP Pro 3

O43 - CFD:Common File Directory ----D- C:\Program Files\CDex

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files

O43 - CFD:Common File Directory ----D- C:\Program Files\Creative

O43 - CFD:Common File Directory ----D- C:\Program Files\Defraggler

O43 - CFD:Common File Directory ----D- C:\Program Files\DIFX

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Fichiers communs

O43 - CFD:Common File Directory ----D- C:\Program Files\Google

O43 - CFD:Common File Directory ----D- C:\Program Files\Hewlett-Packard

O43 - CFD:Common File Directory ----D- C:\Program Files\HP

O43 - CFD:Common File Directory --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD:Common File Directory ----D- C:\Program Files\Internet Explorer

O43 - CFD:Common File Directory ----D- C:\Program Files\IZArc

O43 - CFD:Common File Directory ----D- C:\Program Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\JRE

O43 - CFD:Common File Directory ----D- C:\Program Files\Lavalys

O43 - CFD:Common File Directory ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD:Common File Directory ----D- C:\Program Files\MB application

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Games

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft IntelliPoint

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft IntelliType Pro

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Money 2005

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD:Common File Directory ----D- C:\Program Files\Microsoft.NET

O43 - CFD:Common File Directory ----D- C:\Program Files\Movie Maker

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Firefox

O43 - CFD:Common File Directory ----D- C:\Program Files\Mozilla Thunderbird

O43 - CFD:Common File Directory ----D- C:\Program Files\MSBuild

O43 - CFD:Common File Directory ----D- C:\Program Files\Nero

O43 - CFD:Common File Directory ----D- C:\Program Files\OpenOffice.org 3

O43 - CFD:Common File Directory ----D- C:\Program Files\Orange

O43 - CFD:Common File Directory ----D- C:\Program Files\OrangeHSS

O43 - CFD:Common File Directory ----D- C:\Program Files\Pinnacle

O43 - CFD:Common File Directory ----D- C:\Program Files\QuickTime

O43 - CFD:Common File Directory ----D- C:\Program Files\Realtek

O43 - CFD:Common File Directory ----D- C:\Program Files\Reference Assemblies

O43 - CFD:Common File Directory ----D- C:\Program Files\RegCleaner

O43 - CFD:Common File Directory ----D- C:\Program Files\Secunia

O43 - CFD:Common File Directory R---D- C:\Program Files\Skype

O43 - CFD:Common File Directory ----D- C:\Program Files\Sun

O43 - CFD:Common File Directory ----D- C:\Program Files\TomTom DesktopSuite

O43 - CFD:Common File Directory ----D- C:\Program Files\TomTom HOME 2

O43 - CFD:Common File Directory ----D- C:\Program Files\TomTom International B.V

O43 - CFD:Common File Directory ----D- C:\Program Files\Trend Micro

O43 - CFD:Common File Directory --H-D- C:\Program Files\Uninstall Information

O43 - CFD:Common File Directory ----D- C:\Program Files\USB TV

O43 - CFD:Common File Directory ----D- C:\Program Files\VideoLAN

O43 - CFD:Common File Directory ----D- C:\Program Files\VS Revo Group

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Calendar

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Collaboration

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Defender

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Journal

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Mail

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Media Player

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows NT

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Photo Gallery

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Portable Devices

O43 - CFD:Common File Directory ----D- C:\Program Files\Windows Sidebar

O43 - CFD:Common File Directory ----D- C:\Program Files\ZebHelpProcess

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Adobe AIR

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Ahead

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\ATI Technologies

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Borland Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Fujitsu Siemens Computers

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Hewlett-Packard

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\HP

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\InstallShield

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Java

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\microsoft shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Services

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\SpeechEngines

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Symantec Shared

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\System

O43 - CFD:Common File Directory ----D- C:\Program Files\Common Files\Windows Live

O43 - CFD:Common File Directory -SH-D- C:\Program Files\Common Files\WindowsLiveInstaller

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.00000000000000000000000000000000] - 15/08/2010 - 10:12:54 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\PDOXUSRS.NET [13030]

O44 - LFC:[MD5.857FA610AAA39B85991170BA11B35754] - 15/08/2010 - 10:00:29 -S-A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\bootstat.dat [67584]

O44 - LFC:[MD5.00000000000000000000000000000000] - 15/08/2010 - 09:58:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\WindowsUpdate.log [161751]

O44 - LFC:[MD5.03DEF649CA35420F07D8DE79218FD954] - 15/08/2010 - 09:57:25 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPExportRegistry-15-08-2010-10-57-25.txt [404472]

O44 - LFC:[MD5.638B2844B48F1625009E4291C17F7725] - 15/08/2010 - 09:57:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPExportRegistry-15-08-2010-10-57-23.txt [450592]

O44 - LFC:[MD5.63A8EEDCFFCF62DF843A2067DA7E862A] - 14/08/2010 - 09:44:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\Configuration.mc [55584]

O44 - LFC:[MD5.A165897EAEEF6A08850480E86DBBA58A] - 14/08/2010 - 08:36:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\PerfStringBackup.INI [1561728]

O44 - LFC:[MD5.98DF26C5D74FC1BFB7A672184713704C] - 14/08/2010 - 08:36:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc009.dat [114002]

O44 - LFC:[MD5.41BF03FFB1C14AF2BA70AA66E82B6768] - 14/08/2010 - 08:36:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfc00C.dat [136550]

O44 - LFC:[MD5.A94D2B2ABB3F8A5D04C4CAC648CD95A9] - 14/08/2010 - 08:36:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh009.dat [617902]

O44 - LFC:[MD5.BDB74C3D764E207BAD301CC3F6F83334] - 14/08/2010 - 08:36:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\perfh00C.dat [700908]

O44 - LFC:[MD5.8D32EB57945DADE600B98EC91DE12846] - 13/08/2010 - 18:29:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPRegY0.zhp [403778]

O44 - LFC:[MD5.3A42634511A5DA1CA08675D145AB1E36] - 13/08/2010 - 18:29:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPRegY1.zhp [428]

O44 - LFC:[MD5.65C1AD4C1F299D45145C515376757A95] - 13/08/2010 - 18:29:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPRegY2.zhp [270]

O44 - LFC:[MD5.730146D24F7F0577B1D698B7AAF17365] - 13/08/2010 - 18:04:06 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\ZHPExportRegistry-13-08-2010-19-04-06.txt [6538]

O44 - LFC:[MD5.06C5756311828763DE40D9A496E66FFA] - 12/08/2010 - 09:12:52 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\jupdate-1.6.0_21-b07.log [5193]

O44 - LFC:[MD5.A36EE93698802CD899F98BFD553D8185] - 11/08/2010 - 15:58:07 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\System32\drivers\ssmdrv.sys [28520]

O44 - LFC:[MD5.323860EC84BB332B613530D904380A4D] - 11/08/2010 - 15:58:06 ---A- . (.AVIRA GmbH - Avira AntiVir File Filter Driver.) -- C:\Windows\System32\drivers\avgntdd.sys [51992]

O44 - LFC:[MD5.7F8283EA8284DFDE226E3262BED8C92A] - 11/08/2010 - 15:58:06 ---A- . (.AVIRA GmbH - Avira Antivir File Filter Driver Manager.) -- C:\Windows\System32\drivers\avgntmgr.sys [17016]

O44 - LFC:[MD5.1289E9A5D9118A25A13C0009519088E3] - 11/08/2010 - 15:58:06 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\System32\drivers\avipbb.sys [124784]

O44 - LFC:[MD5.A88D29D928AD2B830E87B53E3F9BC182] - 11/08/2010 - 15:58:06 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\System32\drivers\avgntflt.sys [60936]

O44 - LFC:[MD5.A28977DF0106AA83B6446047FF479339] - 10/08/2010 - 18:51:07 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\FNTCACHE.DAT [263128]

O44 - LFC:[MD5.3F337DD54339BEAF26917D3A0A32C1DE] - 10/08/2010 - 18:40:39 ---A- . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll [81920]

O44 - LFC:[MD5.39EA6EFC1D4D2A621C5CABA141833A8F] - 30/07/2010 - 06:00:30 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\win.ini [188]

O44 - LFC:[MD5.4CC7F5C5CFAE2CF3A9B6757C2083EFFA] - 29/07/2010 - 10:52:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\MSINET.oca [29184]

O44 - LFC:[MD5.70236CD4EC0616CC768309C13D84ACDC] - 29/07/2010 - 10:52:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\comdlg32.oca [35840]

O44 - LFC:[MD5.7B5C062F2A488B5B7A95D4EABCE0A42A] - 29/07/2010 - 10:52:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xmlparse.dll [36864]

O44 - LFC:[MD5.7C66397352506C58F70B6D1D710EEA42] - 29/07/2010 - 10:52:17 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\System32\xmltok.dll [69632]

O44 - LFC:[MD5.AA42BAF1DD22AF2D1DEE5E1FB2908C68] - 25/07/2010 - 18:32:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\NeroDigital.ini [49]

O44 - LFC:[MD5.359B080F9226D078847E363C7AEDA903] - 17/07/2010 - 04:00:12 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\javaw.exe [145184]

O44 - LFC:[MD5.06CCE24882D9577D3795432E1B22FE4A] - 17/07/2010 - 04:00:12 ---A- . (.Sun Microsystems, Inc. - Java Web Start Launcher.) -- C:\Windows\System32\javaws.exe [153376]

O44 - LFC:[MD5.E4478DF37C06221A5E3F4EAE52F88F90] - 17/07/2010 - 04:00:10 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\java.exe [145184]

O44 - LFC:[MD5.0686CD90E881F84A2950951A305443E7] - 17/07/2010 - 04:00:04 ---A- . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Windows\System32\deployJava1.dll [423656]

 

 

---\\ Derniers fichiers créés dans Windows Prefetcher (O45)

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 14:33:59 ---A- C:\Windows\Prefetch\ATF-CLEANER.EXE-61444AD1.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 14:35:43 ---A- C:\Windows\Prefetch\DLLHOST.EXE-6A473D35.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 14:49:05 ---A- C:\Windows\Prefetch\AgAppLaunch.db

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 15:11:41 ---A- C:\Windows\Prefetch\LPREMOVE.EXE-284EF282.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 15:21:24 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-41CD37D2.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 18:57:44 ---A- C:\Windows\Prefetch\RACCOURCI WINDOWS LIVE MESSEN-E0E24A1D.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 18:57:54 ---A- C:\Windows\Prefetch\MSNMSGR.EXE-9974F251.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 18:57:57 ---A- C:\Windows\Prefetch\WLCOMM.EXE-272FF9F7.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 19:53:23 ---A- C:\Windows\Prefetch\DEFRAGGLER.EXE-82771C7C.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 20:16:20 ---A- C:\Windows\Prefetch\MMC.EXE-FABD365F.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 20:18:20 ---A- C:\Windows\Prefetch\PERFMON.EXE-E34F662B.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 20:18:30 ---A- C:\Windows\Prefetch\MMC.EXE-9FDFCD4D.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 20:23:08 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-A98BDBDF.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 20:23:25 ---A- C:\Windows\Prefetch\DLLHOST.EXE-5458ADF9.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 20:28:47 ---A- C:\Windows\Prefetch\HELPPANE.EXE-FEDC965B.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 20:29:29 ---A- C:\Windows\Prefetch\SYSTEMPROPERTIESPROTECTION.EX-64B3993D.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 20:29:56 ---A- C:\Windows\Prefetch\RSTRUI.EXE-2D50C58D.pf

O45 - LFCP:Last File Created Prefetch 14/08/2010 - 20:32:42 ---A- C:\Windows\Prefetch\DLLHOST.EXE-79E9E64A.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 06:32:59 ---A- C:\Windows\Prefetch\VLC.EXE-A11F73EE.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 06:37:57 ---A- C:\Windows\Prefetch\SOFFICE.BIN-FFFF76B3.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 06:38:00 ---A- C:\Windows\Prefetch\SIMPRESS.EXE-2417020B.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 06:38:00 ---A- C:\Windows\Prefetch\SOFFICE.EXE-0C715DD8.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 06:44:40 ---A- C:\Windows\Prefetch\MBAM.EXE-305FF92C.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:07:38 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-456ECC8B.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:15:02 ---A- C:\Windows\Prefetch\MACONFIG_4_2_1_1(3).EXE-AB531BA8.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:18:28 ---A- C:\Windows\Prefetch\CLI.EXE-B3817BB7.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:18:38 ---A- C:\Windows\Prefetch\CCC.EXE-AE792174.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:18:38 ---A- C:\Windows\Prefetch\MOM.EXE-3B2B5194.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:19:05 ---A- C:\Windows\Prefetch\EVENTVWR.EXE-E775CAE5.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:19:15 ---A- C:\Windows\Prefetch\MMC.EXE-43333CB7.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:24:53 ---A- C:\Windows\Prefetch\IEXPLORE.EXE-908C99F8.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:24:54 ---A- C:\Windows\Prefetch\SCSERVER.EXE-01390C45.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:24:56 ---A- C:\Windows\Prefetch\FLASHUTIL10I_ACTIVEX.EXE-98BFCD0B.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:28:20 ---A- C:\Windows\Prefetch\10-2_LEGACY_VISTA32-64_WDM[1]-425E5CE1.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:28:31 ---A- C:\Windows\Prefetch\SETUP.EXE-7C169798.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:28:41 ---A- C:\Windows\Prefetch\INSTALLMANAGERAPP.EXE-A4E65993.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:29:32 ---A- C:\Windows\Prefetch\SETUP.EXE-74706A57.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:29:33 ---A- C:\Windows\Prefetch\CLEARTOOL.EXE-8BCAA48B.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:30:10 ---A- C:\Windows\Prefetch\DLLHOST.EXE-B2EB1806.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:30:43 ---A- C:\Windows\Prefetch\WUSA.EXE-F04B35C8.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:59:41 ---A- C:\Windows\Prefetch\UNSECAPP.EXE-A02905A6.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 07:59:41 ---A- C:\Windows\Prefetch\WMPNSCFG.EXE-FC0D39BF.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 08:02:55 ---A- C:\Windows\Prefetch\CCLEANER.EXE-D4D76A60.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 08:03:12 ---A- C:\Windows\Prefetch\MSIEXEC.EXE-A2D55CB6.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 08:03:30 ---A- C:\Windows\Prefetch\MACONFSERVICE.EXE-7C991E75.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 08:08:41 ---A- C:\Windows\Prefetch\TASKMGR.EXE-5F5F473D.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 08:09:18 ---A- C:\Windows\Prefetch\CONTROL.EXE-817F8F1D.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 08:09:53 ---A- C:\Windows\Prefetch\MMC.EXE-F5DC4F82.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 08:37:44 ---A- C:\Windows\Prefetch\TRUSTEDINSTALLER.EXE-3CC531E5.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 08:38:36 ---A- C:\Windows\Prefetch\UPDATE.EXE-026DCA13.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:14:44 ---A- C:\Windows\Prefetch\LADS.EXE-2D05CA17.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:14:53 ---A- C:\Windows\Prefetch\CONIME.EXE-9781FD5F.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:16:05 ---A- C:\Windows\Prefetch\SIGCHECK.EXE-24E954E0.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:16:46 ---A- C:\Windows\Prefetch\MBR.EXE-4D386DF0.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:28:48 ---A- C:\Windows\Prefetch\layout.ini

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:38:27 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-230FC512.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:46:34 ---A- C:\Windows\Prefetch\ZHPFIX.EXE-5EA93908.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:56:25 ---A- C:\Windows\Prefetch\CMD.EXE-4A81B364.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:56:25 ---A- C:\Windows\Prefetch\SUBINACL.EXE-DBC67E68.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:57:20 ---A- C:\Windows\Prefetch\REGEDIT.EXE-90FEEA06.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:58:21 ---A- C:\Windows\Prefetch\WERFAULT.EXE-E69F695A.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:58:27 ---A- C:\Windows\Prefetch\LOGONUI.EXE-09140401.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 09:58:27 ---A- C:\Windows\Prefetch\PfSvPerfStats.bin

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 10:01:27 ---A- C:\Windows\Prefetch\NTOSBOOT-B00DFAAD.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 10:02:51 ---A- C:\Windows\Prefetch\MSCORSVW.EXE-C3C515BD.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 10:04:45 ---A- C:\Windows\Prefetch\WMIADAP.EXE-F8DFDFA2.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 10:10:35 ---A- C:\Windows\Prefetch\SDCLT.EXE-E10B972A.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 10:10:45 ---A- C:\Windows\Prefetch\SVCHOST.EXE-E2C2633A.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 10:13:35 ---A- C:\Windows\Prefetch\WERCON.EXE-E36BD04E.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 10:13:35 ---A- C:\Windows\Prefetch\WERMGR.EXE-0F2AC88C.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 10:27:26 ---A- C:\Windows\Prefetch\AVCENTER.EXE-C4AEDCEC.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 10:27:37 ---A- C:\Windows\Prefetch\AVSCAN.EXE-E289CD20.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 10:43:40 ---A- C:\Windows\Prefetch\AVCONFIG.EXE-E1ECA235.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 10:46:15 ---A- C:\Windows\Prefetch\VERCLSID.EXE-7C52E31C.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 11:04:41 ---A- C:\Windows\Prefetch\VSSVC.EXE-B8AFC319.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 11:04:44 ---A- C:\Windows\Prefetch\SVCHOST.EXE-7CFEDEA3.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 11:14:02 ---A- C:\Windows\Prefetch\DRVINST.EXE-4CB4314A.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 11:30:16 ---A- C:\Windows\Prefetch\RUNDLL32.EXE-A6251510.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 12:35:39 ---A- C:\Windows\Prefetch\AgGlUAD_P_S-1-5-21-218364759-2932834087-4253310726-1000.db

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 12:35:39 ---A- C:\Windows\Prefetch\AgGlUAD_S-1-5-21-218364759-2932834087-4253310726-1000.db

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 13:48:48 ---A- C:\Windows\Prefetch\SEARCHFILTERHOST.EXE-77482212.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 13:48:48 ---A- C:\Windows\Prefetch\SEARCHPROTOCOLHOST.EXE-0CB8CADE.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 14:30:22 ---A- C:\Windows\Prefetch\THUNDERBIRD.EXE-5119524C.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 14:38:14 ---A- C:\Windows\Prefetch\FIREFOX.EXE-A606B53C.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 14:38:31 ---A- C:\Windows\Prefetch\PLUGIN-CONTAINER.EXE-7226D1F8.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 14:43:26 ---A- C:\Windows\Prefetch\CONSENT.EXE-531BD9EA.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 14:43:29 ---A- C:\Windows\Prefetch\DLLHOST.EXE-5E46FA0D.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 14:43:31 ---A- C:\Windows\Prefetch\DLLHOST.EXE-766398D2.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 14:43:36 ---A- C:\Windows\Prefetch\HIJACKTHIS.EXE-9FD56571.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 14:43:38 ---A- C:\Windows\Prefetch\WMIPRVSE.EXE-1628051C.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 14:43:45 ---A- C:\Windows\Prefetch\NOTEPAD.EXE-D8414F97.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 14:44:09 ---A- C:\Windows\Prefetch\ZHP2.EXE-B4567A37.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 15:01:26 ---A- C:\Windows\Prefetch\AgGlFaultHistory.db

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 15:01:26 ---A- C:\Windows\Prefetch\AgGlFgAppHistory.db

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 15:01:26 ---A- C:\Windows\Prefetch\AgGlGlobalHistory.db

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 15:01:26 ---A- C:\Windows\Prefetch\AgRobust.db

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 15:09:04 ---A- C:\Windows\Prefetch\GOOGLEUPDATE.EXE-FE771DDA.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 15:15:48 ---A- C:\Windows\Prefetch\TASKENG.EXE-48D4E289.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 15:23:28 ---A- C:\Windows\Prefetch\AVWSC.EXE-4630B658.pf

O45 - LFCP:Last File Created Prefetch 15/08/2010 - 15:23:40 ---A- C:\Windows\Prefetch\ZHPDIAG.EXE-A283E0D6.pf

 

 

---\\ Trojan Driver Search Data (HKLM)(TDSD) (O52)

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\Windows\System32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Codec Cinepak®.) -- C:\Windows\System32\iccvid.dll

O52 - TDSD: \drivers.desc\"C:\Windows\System32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\Windows\System32\l3codeca.acm

 

 

---\\ ShareTools MSconfig StartupReg (SMSR) (O53)

O53 - SMSR:HKLM\...\startupreg\Adobe ARM [Key] . (.Adobe Systems Incorporated - Adobe Reader and Acrobat Manager.) -- C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

O53 - SMSR:HKLM\...\startupreg\avgnt [Key] . (.Avira GmbH - Antivirus System Tray Tool.) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe

O53 - SMSR:HKLM\...\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} [Key] . (.Pas de propriétaire - Pas de description.) -- :C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe

O53 - SMSR:HKLM\...\startupreg\ehTray.exe [Key] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\Windows\ehome\ehTray.exe

O53 - SMSR:HKLM\...\startupreg\IntelliPoint [Key] . (.Microsoft Corporation - IPoint.exe.) -- C:\Program Files\Microsoft IntelliPoint\ipoint.exe

O53 - SMSR:HKLM\...\startupreg\itype [Key] . (.Microsoft Corporation - IType.exe.) -- C:\Program Files\Microsoft IntelliType Pro\itype.exe

O53 - SMSR:HKLM\...\startupreg\MBPlayer [Key] . (.MusicBrigade - Config tool for musicbrigade.) -- C:\Program Files\MB application\MBPlayer.exe

O53 - SMSR:HKLM\...\startupreg\msnmsgr [Key] . (.Microsoft Corporation - Windows Live Messenger.) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe

O53 - SMSR:HKLM\...\startupreg\Skype [Key] . (.Skype Technologies S.A. - Skype.) -- C:\Program Files\Skype\Phone\Skype.exe

O53 - SMSR:HKLM\...\startupreg\StartCCC [Key] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O53 - SMSR:HKLM\...\startupreg\SunJavaUpdateSched [Key] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Common Files\Java\Java Update\jusched.exe

O53 - SMSR:HKLM\...\startupreg\TomTomHOME.exe [Key] . (.TomTom - System Tray application for TomTom HOME.) -- C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

O53 - SMSR:HKLM\...\startupreg\Windows Defender [Key] . (.Microsoft Corporation - Windows Defender User Interface.) -- C:\Program Files\Windows Defender\MSASCui.exe

O53 - SMSR:HKLM\...\startupreg\WMPNSCFG [Key] . (.Microsoft Corporation - Application de configuration du service Par.) -- C:\Program Files\Windows Media Player\WMPNSCFG.exe

---\\ Microsoft Control Security Providers (MCSP) (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - "SecurityProviders"=credssp.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - "SecurityProviders"=credssp.dll

---\\ Microsoft Windows Policies System (MWPS) (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorAdmin"=2

O55 - MWPS:[HKLM\...\Policies\System] - "ConsentPromptBehaviorUser"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableInstallerDetection"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableLUA"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableSecureUIAPaths"=1

O55 - MWPS:[HKLM\...\Policies\System] - "EnableVirtualization"=1

O55 - MWPS:[HKLM\...\Policies\System] - "PromptOnSecureDesktop"=1

O55 - MWPS:[HKLM\...\Policies\System] - "ValidateAdminCodeSignatures"=0

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "scforceoption"=0

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "FilterAdministratorToken"=0

O55 - MWPS:[HKLM\...\Policies\System] - "EnableUIADesktopToggle"=0

O55 - MWPS:[HKLM\...\Policies\System] - "UacDisableNotify"=0

---\\ Microsoft Windows Policies Explorer (MWPE) (O56)

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveTypeAutoRun"=255

O56 - MWPE:[HKCU\...\Policies\Explorer] - "NoDriveAutoRun"=67108863

O56 - MWPE:[HKCU\...\Policies\Explorer] - "HonorAutoRunSetting"=1

O56 - MWPE:[HKLM\...\Policies\Explorer] - "BindDirectlyToPropertySetStorage"=0

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveAutoRun"=67108863

O56 - MWPE:[HKLM\...\Policies\Explorer] - "NoDriveTypeAutoRun"=255

O56 - MWPE:[HKLM\...\Policies\Explorer] - "HonorAutoRunSetting"=1

---\\ Liste des Drivers Système (SDL) (O58)

O58 - SDL:[MD5.2EDC5BBAC6C651ECE337BDE8ED97C9FB] - 02/11/2006 - 10:51:38 ---A- . (.Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) -- C:\Windows\system32\drivers\adp94xx.sys

O58 - SDL:[MD5.B84088CA3CDCA97DA44A984C6CE1CCAD] - 02/11/2006 - 10:51:32 ---A- . (.Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) -- C:\Windows\system32\drivers\adpahci.sys

O58 - SDL:[MD5.7880C67BCCC27C86FD05AA2AFB5EA469] - 02/11/2006 - 10:50:35 ---A- . (.Adaptec, Inc. - Adaptec LH Ultra160 Driver (x86).) -- C:\Windows\system32\drivers\adpu160m.sys

O58 - SDL:[MD5.9AE713F8E30EFC2ABCCD84904333DF4D] - 02/11/2006 - 10:51:00 ---A- . (.Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver.) -- C:\Windows\system32\drivers\adpu320.sys

O58 - SDL:[MD5.90395B64600EBB4552E26E178C94B2E4] - 02/11/2006 - 10:49:20 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\Windows\system32\drivers\aliide.sys

O58 - SDL:[MD5.5F673180268BB1FDB69C99B6619FE379] - 02/11/2006 - 10:50:09 ---A- . (.Adaptec, Inc. - Adaptec RAID Storport Driver.) -- C:\Windows\system32\drivers\arc.sys

O58 - SDL:[MD5.957F7540B5E7F602E44648C7DE5A1C05] - 02/11/2006 - 10:50:10 ---A- . (.Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\Windows\system32\drivers\arcsas.sys

O58 - SDL:[MD5.194A2261DAD9B766B1B7333A5DC26999] - 21/07/2009 - 17:31:44 ---A- . (.ATI Technologies Inc. - ATI Radeon Kernel Mode Driver.) -- C:\Windows\system32\drivers\atikmdag.sys

O58 - SDL:[MD5.A356E45E8432432C06981EA63A1E0FE8] - 30/10/2006 - 10:22:26 ---A- . (.ATI Technologies Inc. - ATI PCIE Driver for ATI PCIE chipset.) -- C:\Windows\system32\drivers\AtiPcie.sys

O58 - SDL:[MD5.323860EC84BB332B613530D904380A4D] - 11/05/2009 - 11:49:28 ---A- . (.AVIRA GmbH - Avira AntiVir File Filter Driver.) -- C:\Windows\system32\drivers\avgntdd.sys

O58 - SDL:[MD5.A88D29D928AD2B830E87B53E3F9BC182] - 16/02/2010 - 13:24:02 ---A- . (.Avira GmbH - Avira Minifilter Driver.) -- C:\Windows\system32\drivers\avgntflt.sys

O58 - SDL:[MD5.7F8283EA8284DFDE226E3262BED8C92A] - 11/05/2009 - 11:49:28 ---A- . (.AVIRA GmbH - Avira Antivir File Filter Driver Manager.) -- C:\Windows\system32\drivers\avgntmgr.sys

O58 - SDL:[MD5.1289E9A5D9118A25A13C0009519088E3] - 01/03/2010 - 09:05:26 ---A- . (.Avira GmbH - Avira Driver for Security Enhancement.) -- C:\Windows\system32\drivers\avipbb.sys

O58 - SDL:[MD5.9F9ACC7F7CCDE8A15C282D3F88B43309] - 02/11/2006 - 09:24:45 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) -- C:\Windows\system32\drivers\BrFiltLo.sys

O58 - SDL:[MD5.56801AD62213A41F6497F96DEE83755A] - 02/11/2006 - 09:24:46 ---A- . (.Brother Industries, Ltd. - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) -- C:\Windows\system32\drivers\BrFiltUp.sys

O58 - SDL:[MD5.B304E75CFF293029EDDF094246747113] - 02/11/2006 - 09:25:24 ---A- . (.Brother Industries Ltd. - Pilote Brother Série I/F (WDM).) -- C:\Windows\system32\drivers\BrSerId.sys

O58 - SDL:[MD5.203F0B1E73ADADBBB7B7B1FABD901F6B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother Serial driver (WDM version).) -- C:\Windows\system32\drivers\BrSerWdm.sys

O58 - SDL:[MD5.BD456606156BA17E60A04E18016AE54B] - 02/11/2006 - 09:24:44 ---A- . (.Brother Industries Ltd. - Brother USB MDM Driver.) -- C:\Windows\system32\drivers\BrUsbMdm.sys

O58 - SDL:[MD5.AF72ED54503F717A43268B3CC5FAEC2E] - 02/11/2006 - 09:24:47 ---A- . (.Brother Industries Ltd. - Brother USB Serial Driver.) -- C:\Windows\system32\drivers\BrUsbSer.sys

O58 - SDL:[MD5.45201046C776FFDAF3FC8A0029C581C8] - 02/11/2006 - 10:49:28 ---A- . (.CMD Technology, Inc. - CMD PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\cmdide.sys

O58 - SDL:[MD5.AE1FDF7BF7BB6C6A70F67699D880592A] - 02/11/2006 - 10:50:11 ---A- . (.Adaptec, Inc. - Adaptec Ultra SCSI miniport.) -- C:\Windows\system32\drivers\djsvs.sys

O58 - SDL:[MD5.F88FB26547FD2CE6D0A5AF2985892C48] - 02/11/2006 - 08:30:54 ---A- . (.Intel Corporation - Intel® PRO/1000 Adapter NDIS 6 deserialized driver.) -- C:\Windows\system32\drivers\E1G60I32.sys

O58 - SDL:[MD5.E8F3F21A71720C84BCF423B80028359F] - 02/11/2006 - 10:51:34 ---A- . (.Emulex - Storport Miniport Driver for LightPulse HBAs.) -- C:\Windows\system32\drivers\elxstor.sys

O58 - SDL:[MD5.A0A3484E4B8C70989380A51F814DCAD1] - 13/07/2010 - 13:09:11 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\drivers\fsbts.sys

O58 - SDL:[MD5.DF353B401001246853763C4B7AAA6F50] - 02/11/2006 - 10:50:10 ---A- . (.Hewlett-Packard Company - Smart Array Storport Driver.) -- C:\Windows\system32\drivers\HpCISSs.sys

O58 - SDL:[MD5.C957BF4B5D80B46C5017BF0101E6C906] - 02/11/2006 - 10:51:25 ---A- . (.Intel Corporation - Intel Matrix Storage Manager driver (base).) -- C:\Windows\system32\drivers\iaStorV.sys

O58 - SDL:[MD5.2D077BF86E843F901D8DB709C95B49A5] - 02/11/2006 - 10:50:17 ---A- . (.Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) -- C:\Windows\system32\drivers\iirsp.sys

O58 - SDL:[MD5.BCED60D16156E428F8DF8CF27B0DF150] - 02/11/2006 - 10:50:07 ---A- . (.Integrated Technology Express, Inc. - ITE IT8211 ATA/ATAPI SCSI miniport.) -- C:\Windows\system32\drivers\iteatapi.sys

O58 - SDL:[MD5.06FA654504A498C30ADCA8BEC4E87E7E] - 02/11/2006 - 10:50:09 ---A- . (.Integrated Technology Express, Inc. - ITE IT8212 ATA RAID SCSI miniport.) -- C:\Windows\system32\drivers\iteraid.sys

O58 - SDL:[MD5.A2262FB9F28935E862B4DB46438C80D2] - 02/11/2006 - 10:50:04 ---A- . (.LSI Logic - LSI Logic Fusion-MPT FC Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_fc.sys

O58 - SDL:[MD5.30D73327D390F72A62F32C103DAF1D6D] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SAS Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_sas.sys

O58 - SDL:[MD5.E1E36FEFD45849A95F1AB81DE0159FE3] - 02/11/2006 - 10:50:10 ---A- . (.LSI Logic - LSI Logic Fusion-MPT SCSI Driver (StorPort).) -- C:\Windows\system32\drivers\lsi_scsi.sys

O58 - SDL:[MD5.67B48A903430C6D4FB58CBACA1866601] - 29/04/2010 - 14:39:26 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbam.sys

O58 - SDL:[MD5.C7DD7D9739785BD3A6B8499EEC1DEE7E] - 29/04/2010 - 14:39:38 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\Windows\system32\drivers\mbamswissarmy.sys

O58 - SDL:[MD5.D153B14FC6598EAE8422A2037553ADCE] - 02/11/2006 - 10:49:53 ---A- . (.LSI Logic Corporation - MEGASAS RAID Controller Driver for Windows Vista/Longhorn for x.) -- C:\Windows\system32\drivers\megasas.sys

O58 - SDL:[MD5.4FBBB70D30FD20EC51F80061703B001E] - 02/11/2006 - 10:49:59 ---A- . (.LSI Logic Corporation - MegaRAID RAID Controller Driver for Windows Vista/Longhorn for.) -- C:\Windows\system32\drivers\Mraid35x.sys

O58 - SDL:[MD5.2E7FB731D4790A1BC6270ACCEFACB36E] - 02/11/2006 - 10:50:19 ---A- . (.IBM Corporation - IBM ServeRAID Controller Driver.) -- C:\Windows\system32\drivers\nfrd960.sys

O58 - SDL:[MD5.E875C093AEC0C978A90F30C9E0DFBB72] - 02/11/2006 - 08:36:50 ---A- . (.N-trig Innovative Technologies - Pilote intégré de digitalisateur de tablette N-trig.) -- C:\Windows\system32\drivers\ntrigdigi.sys

O58 - SDL:[MD5.9E0BA19A28C498A6D323D065DB76DFFC] - 02/11/2006 - 10:50:13 ---A- . (.NVIDIA Corporation - NVIDIA® nForce Sata Performance Driver.) -- C:\Windows\system32\drivers\nvstor.sys

O58 - SDL:[MD5.1BF91F352D746AD7469FA71783B5FAE8] - 28/11/2006 - 20:46:22 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) -- C:\Windows\system32\drivers\PCAMp50.sys

O58 - SDL:[MD5.1961590AA191B6B7DCF18A6A693AF7B8] - 28/11/2006 - 20:46:20 ---A- . (.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) -- C:\Windows\system32\drivers\PCASp50.sys

O58 - SDL:[MD5.9F2F541C52CD7A452E235E885F7D95DE] - 03/04/2007 - 09:43:28 ---A- . (.Philips Semiconductors GmbH - Ph3xIBxx.) -- C:\Windows\system32\drivers\Ph3xIB32.sys

O58 - SDL:[MD5.14E6FB92F1788982E2BBC81D915B1F02] - 28/05/2010 - 12:04:52 ---A- . (.Secunia - Secunia PSI Driver.) -- C:\Windows\system32\drivers\psi_mf.sys

O58 - SDL:[MD5.CCDAC889326317792480C0A67156A1EC] - 02/11/2006 - 10:51:45 ---A- . (.QLogic Corporation - QLogic Fibre Channel Stor Miniport Driver.) -- C:\Windows\system32\drivers\ql2300.sys

O58 - SDL:[MD5.81A7E5C076E59995D54BC1ED3A16E60B] - 02/11/2006 - 10:50:35 ---A- . (.QLogic Corporation - QLogic iSCSI Storport Miniport Driver.) -- C:\Windows\system32\drivers\ql40xx.sys

O58 - SDL:[MD5.EE67E996DBB9CB17D4B4D377C9DDFA9E] - 07/02/2007 - 16:33:48 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\Windows\system32\drivers\RTKVHDA.sys

O58 - SDL:[MD5.7F8D15EE000577BE703537849D4F9397] - 11/12/2007 - 10:50:20 ---A- . (.Windows ® Codename Longhorn DDK provider - NDIS User mode I/O Driver.) -- C:\Windows\system32\drivers\RtNdPt60.sys

O58 - SDL:[MD5.5E01AB8AB1ACF8850B2D64A6FD068E46] - 29/10/2008 - 16:29:54 ---A- . (.Realtek Semiconductor Corporation - Realtek 10/100 NDIS 5.1 Driver.) -- C:\Windows\system32\drivers\Rtnicxp.sys

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 02/11/2006 - 07:37:21 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\Windows\system32\drivers\secdrv.sys

O58 - SDL:[MD5.E91D143072A680223B5E73571970C82F] - 25/01/2007 - 13:16:46 ---A- . (.Silicon Integrated Systems Corp. - SiS163 USB Wireless LAN Adapter Driver.) -- C:\Windows\system32\drivers\sis163u.sys

O58 - SDL:[MD5.DF843C528C4F69D12CE41CE462E973A7] - 02/11/2006 - 10:50:16 ---A- . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\Windows\system32\drivers\sisraid4.sys

O58 - SDL:[MD5.A36EE93698802CD899F98BFD553D8185] - 11/05/2009 - 09:12:50 ---A- . (.Avira GmbH - AVIRA SnapShot Driver.) -- C:\Windows\system32\drivers\ssmdrv.sys

O58 - SDL:[MD5.192AA3AC01DF071B541094F251DEED10] - 02/11/2006 - 10:50:05 ---A- . (.LSI Logic - LSI Logic 8XX SCSI Miniport Driver.) -- C:\Windows\system32\drivers\symc8xx.sys

O58 - SDL:[MD5.8C8EB8C76736EBAF3B13B633B2E64125] - 02/11/2006 - 10:49:56 ---A- . (.LSI Logic - LSI Logic Hi-Perf SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_hi.sys

O58 - SDL:[MD5.8072AF52B5FD103BBBA387A1E49F62CB] - 02/11/2006 - 10:50:03 ---A- . (.LSI Logic - LSI Logic Ultra160 SCSI Miniport Driver.) -- C:\Windows\system32\drivers\sym_u3.sys

O58 - SDL:[MD5.3CD4EA35A6221B85DCC25DAA46313F8D] - 02/11/2006 - 10:51:25 ---A- . (.ULi Electronics Inc. - ULi SATA Controller Driver.) -- C:\Windows\system32\drivers\uliahci.sys

O58 - SDL:[MD5.8514D0E5CD0534467C5FC61BE94A569F] - 02/11/2006 - 10:50:35 ---A- . (.Promise Technology, Inc. - Promise Ultra/Sata Series Driver for Win2003.) -- C:\Windows\system32\drivers\ulsata.sys

O58 - SDL:[MD5.38C3C6E62B157A6BC46594FADA45C62B] - 02/11/2006 - 10:50:45 ---A- . (.Promise Technology, Inc. - Promise SATAII150 Series Windows Drivers.) -- C:\Windows\system32\drivers\ulsata2.sys

O58 - SDL:[MD5.EEBF6B85ABE3AA35E2C16D572E587FD9] - 09/10/2004 - 10:51:08 ---A- . (.Creative Technology Ltd. - Video streaming and Capture Device Driver.) -- C:\Windows\system32\drivers\V0080Dev.sys

O58 - SDL:[MD5.EAF517EF2BAC82427E11462E9760D177] - 21/05/2004 - 07:05:40 ---A- . (.Creative Technology Ltd. - Creative Evx Driver.) -- C:\Windows\system32\drivers\V0080Evx.sys

O58 - SDL:[MD5.FD2E3175FCADA350C7AB4521DCA187EC] - 02/11/2006 - 10:49:30 ---A- . (.VIA Technologies, Inc. - VIA Generic PCI IDE Bus Driver.) -- C:\Windows\system32\drivers\viaide.sys

O58 - SDL:[MD5.D984439746D42B30FC65A4C3546C6829] - 02/11/2006 - 10:50:41 ---A- . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) -- C:\Windows\system32\drivers\vsmraid.sys

O58 - SDL:[MD5.8AAD333C876590293F72B315E162BCC7] - 02/11/2006 - 08:09:42 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\ANSI.SYS

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 02/11/2006 - 08:09:45 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\country.sys

O58 - SDL:[MD5.E6BC0F98FECEF245A0010D350C1A0B9B] - 02/11/2006 - 08:09:41 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\HIMEM.SYS

O58 - SDL:[MD5.492090267B9608C62B956CD29BE3AFB7] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEY01.SYS

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 02/11/2006 - 08:09:44 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\KEYBOARD.SYS

O58 - SDL:[MD5.FFFF296A08DBF2AC0126C62E3778AC0D] - 02/11/2006 - 08:09:29 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS.SYS

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 02/11/2006 - 08:09:35 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS404.SYS

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 02/11/2006 - 08:09:38 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS411.SYS

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 02/11/2006 - 08:09:40 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS412.SYS

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 02/11/2006 - 08:09:31 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTDOS804.SYS

O58 - SDL:[MD5.2E4112FB7D1B76E11ADFD7487B5D0E95] - 02/11/2006 - 08:09:20 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO.SYS

O58 - SDL:[MD5.A98EBD4C2DF983665BF2D1AF49949974] - 02/11/2006 - 08:09:23 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO404.SYS

O58 - SDL:[MD5.3F7E6406EDEF197C5CAAB2240EEF6F48] - 02/11/2006 - 08:09:24 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO411.SYS

O58 - SDL:[MD5.3E64D681B776CC57BDC38A46D881F85B] - 02/11/2006 - 08:09:26 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO412.SYS

O58 - SDL:[MD5.D86B6435729231C171432B4E77801BDB] - 02/11/2006 - 08:09:22 ---A- . (.Pas de propriétaire - Pas de description.) -- C:\Windows\system32\NTIO804.SYS

---\\ Derniers fichiers modifiés ou crées (Utilisateur) (O61)

O61 - LFC:Last File Created 12/08/2010 - 09:04:25 ---A- C:\Users\jeanpaul\Downloads\jxpiinstall-rv.exe [875296]

O61 - LFC:Last File Created 12/08/2010 - 09:13:25 ---A- C:\Users\All Users\Sun\Java\Java Update\jaureglist.xml [189]

O61 - LFC:Last File Created 12/08/2010 - 09:42:44 ---A- C:\Users\jeanpaul\Downloads\AdobeAIRInstaller(2).exe [12575488]

O61 - LFC:Last File Created 12/08/2010 - 09:43:04 ---A- C:\Users\jeanpaul\AppData\Roaming\Adobe\AIR\eulaAccepted [1]

O61 - LFC:Last File Created 12/08/2010 - 09:43:08 ---A- C:\Users\All Users\Adobe\AIR\Updater\initialPingback [0]

O61 - LFC:Last File Created 12/08/2010 - 09:43:08 ---A- C:\Users\All Users\Adobe\AIR\Updater\updatePingback [0]

O61 - LFC:Last File Created 12/08/2010 - 09:43:14 ---A- C:\Users\jeanpaul\AppData\Roaming\Adobe\AIR\Updater\lastUpdateCheck [35]

O61 - LFC:Last File Created 12/08/2010 - 09:43:38 ---A- C:\Users\jeanpaul\Downloads\install_flash_player(2).exe [2788816]

O61 - LFC:Last File Created 12/08/2010 - 09:44:19 ---A- C:\Users\jeanpaul\Downloads\install_flash_player_ax.exe [2826192]

O61 - LFC:Last File Created 12/08/2010 - 09:45:47 ---A- C:\Users\jeanpaul\Downloads\uninstall_flash_player.exe [232912]

O61 - LFC:Last File Created 12/08/2010 - 09:49:35 ---A- C:\Users\jeanpaul\Downloads\install_flash_player_ax(2).exe [2826192]

O61 - LFC:Last File Created 12/08/2010 - 09:54:20 ---A- C:\Users\jeanpaul\Downloads\uninstall_flash_player(2).exe [232912]

O61 - LFC:Last File Created 12/08/2010 - 10:00:55 ---A- C:\Users\jeanpaul\Downloads\install_flash_player_ax(3).exe [2826192]

O61 - LFC:Last File Created 12/08/2010 - 11:47:46 ---A- C:\Users\jeanpaul\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-08-12 (12-47-46).txt [1060]

O61 - LFC:Last File Created 12/08/2010 - 13:55:53 ---A- C:\Users\jeanpaul\Documents\cc_20100812_145550.reg [9560]

O61 - LFC:Last File Created 12/08/2010 - 13:57:09 ---A- C:\Users\jeanpaul\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\mbam.context.scan [42]

O61 - LFC:Last File Created 12/08/2010 - 14:09:23 ---A- C:\Users\jeanpaul\Downloads\Firefox Setup 3.6.8.exe [8635336]

O61 - LFC:Last File Created 12/08/2010 - 16:15:22 ---A- C:\Users\jeanpaul\Downloads\TurnOffBonjour.exe [35416]

O61 - LFC:Last File Created 12/08/2010 - 18:37:32 ---A- C:\Users\jeanpaul\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-08-12 (19-37-32).txt [1047]

O61 - LFC:Last File Created 12/08/2010 - 20:17:38 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\0046E3B9d01 [52830]

O61 - LFC:Last File Created 12/08/2010 - 20:18:28 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\3283F340d01 [19807]

O61 - LFC:Last File Created 12/08/2010 - 20:18:29 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\4B61752Ed01 [31552]

O61 - LFC:Last File Created 12/08/2010 - 20:18:29 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\5F14DF6Dd01 [45560]

O61 - LFC:Last File Created 12/08/2010 - 20:18:29 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\768A3272d01 [49558]

O61 - LFC:Last File Created 12/08/2010 - 20:18:29 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\F88A4D25d01 [27235]

O61 - LFC:Last File Created 12/08/2010 - 20:18:49 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\32B1F6B0d01 [44340]

O61 - LFC:Last File Created 12/08/2010 - 20:18:49 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\36728E80d01 [30652]

O61 - LFC:Last File Created 12/08/2010 - 20:18:49 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\7A4F0518d01 [32441]

O61 - LFC:Last File Created 12/08/2010 - 20:18:49 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\B250BB65d01 [36409]

O61 - LFC:Last File Created 12/08/2010 - 20:18:49 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\E2250970d01 [23233]

O61 - LFC:Last File Created 13/08/2010 - 09:02:21 ---A- C:\Users\jeanpaul\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-08-13 (10-02-21).txt [1047]

O61 - LFC:Last File Created 13/08/2010 - 11:43:33 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\gallery\Nana mouskori - La paloma.wav [1782812]

O61 - LFC:Last File Created 13/08/2010 - 13:45:48 ---A- C:\Users\jeanpaul\AppData\Local\Temp\testnsis\mcsetupfr.mst [46592]

O61 - LFC:Last File Created 13/08/2010 - 13:45:50 ---A- C:\Users\jeanpaul\AppData\Local\Temp\testnsis\mcsetuppt.mst [45568]

O61 - LFC:Last File Created 13/08/2010 - 13:45:52 ---A- C:\Users\jeanpaul\AppData\Local\Temp\testnsis\mcsetupes.mst [46080]

O61 - LFC:Last File Created 13/08/2010 - 13:45:54 ---A- C:\Users\jeanpaul\AppData\Local\Temp\testnsis\mcsetup.msi [3335680]

O61 - LFC:Last File Created 13/08/2010 - 15:22:42 ---A- C:\Users\jeanpaul\Downloads\ZHPL 2.36.exe [11291549]

O61 - LFC:Last File Created 13/08/2010 - 17:04:57 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\36B959F7d01 [34888]

O61 - LFC:Last File Created 13/08/2010 - 17:04:57 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\AF01763Dd01 [53010]

O61 - LFC:Last File Created 13/08/2010 - 17:04:57 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\F58451F5d01 [30985]

O61 - LFC:Last File Created 13/08/2010 - 17:04:58 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\3232B88Bd01 [63205]

O61 - LFC:Last File Created 13/08/2010 - 17:05:00 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Drafts [0]

O61 - LFC:Last File Created 13/08/2010 - 21:05:45 ---A- C:\Users\jeanpaul\AppData\Roaming\Microsoft\IdentityCRL\production\MetaConfig.xml [163]

O61 - LFC:Last File Created 13/08/2010 - 21:07:32 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\_CACHE_003_ [2672249]

O61 - LFC:Last File Created 13/08/2010 - 21:08:34 ---A- C:\Users\jeanpaul\AppData\Roaming\Skype\papecapbreton\chatsync\6b\6bb02d45cfc7e224.dat [1514]

O61 - LFC:Last File Created 13/08/2010 - 21:08:34 ---A- C:\Users\jeanpaul\AppData\Roaming\Skype\shared_dynco\dc.db [1306624]

O61 - LFC:Last File Created 13/08/2010 - 21:08:34 ---A- C:\Users\jeanpaul\AppData\Roaming\Skype\shared_dynco\dc.db-journal [809000]

O61 - LFC:Last File Created 13/08/2010 - 21:08:35 ---A- C:\Users\jeanpaul\AppData\Roaming\Skype\papecapbreton\dc.db [724992]

O61 - LFC:Last File Created 13/08/2010 - 21:08:35 ---A- C:\Users\jeanpaul\AppData\Roaming\Skype\papecapbreton\dc.db-journal [41552]

O61 - LFC:Last File Created 13/08/2010 - 21:08:47 ---A- C:\Users\jeanpaul\AppData\Roaming\Skype\papecapbreton\bistats.db [61440]

O61 - LFC:Last File Created 13/08/2010 - 21:08:47 ---A- C:\Users\jeanpaul\AppData\Roaming\Skype\papecapbreton\bistats.db-journal [33344]

O61 - LFC:Last File Created 13/08/2010 - 21:08:47 ---A- C:\Users\jeanpaul\AppData\Roaming\Skype\papecapbreton\httpfe\cookies.dat [104]

O61 - LFC:Last File Created 13/08/2010 - 21:08:48 ---A- C:\Users\jeanpaul\AppData\Roaming\Skype\papecapbreton\config.xml [12442]

O61 - LFC:Last File Created 13/08/2010 - 21:08:48 ---A- C:\Users\jeanpaul\AppData\Roaming\Skype\papecapbreton\main.db [573440]

O61 - LFC:Last File Created 13/08/2010 - 21:08:48 ---A- C:\Users\jeanpaul\AppData\Roaming\Skype\papecapbreton\main.db-journal [156464]

O61 - LFC:Last File Created 13/08/2010 - 21:08:48 ---A- C:\Users\jeanpaul\AppData\Roaming\Skype\shared.xml [44706]

O61 - LFC:Last File Created 13/08/2010 - 21:45:41 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Drafts.msf [2152]

O61 - LFC:Last File Created 14/08/2010 - 09:33:12 ---A- C:\Users\jeanpaul\Downloads\MaConfig_4_2_1_0(5).exe [3090696]

O61 - LFC:Last File Created 14/08/2010 - 09:41:59 ---A- C:\Users\jeanpaul\Downloads\MaConfig_4_2_1_1.exe [3149696]

O61 - LFC:Last File Created 14/08/2010 - 10:32:47 ---A- C:\Users\jeanpaul\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-08-14 (11-32-47).txt [1047]

O61 - LFC:Last File Created 14/08/2010 - 14:07:47 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\gallery\Santana_Carlos-Desperado.wav [269686]

O61 - LFC:Last File Created 14/08/2010 - 14:09:13 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\gallery\California blues Ricky King.wav [1145066]

O61 - LFC:Last File Created 14/08/2010 - 14:14:06 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\blocklist.xml [1436]

O61 - LFC:Last File Created 14/08/2010 - 14:15:51 ---A- C:\Users\jeanpaul\Documents\hijackthis.log [16980]

O61 - LFC:Last File Created 14/08/2010 - 14:24:30 ---A- C:\Users\jeanpaul\AppData\Local\PMB Files\cert\secmod.db [16384]

O61 - LFC:Last File Created 14/08/2010 - 14:48:50 ---A- C:\Users\jeanpaul\AppData\Local\PMB Files\cert\cert8.db [65536]

O61 - LFC:Last File Created 14/08/2010 - 14:48:50 ---A- C:\Users\jeanpaul\AppData\Local\PMB Files\cert\key3.db [16384]

O61 - LFC:Last File Created 14/08/2010 - 14:48:51 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\history.mab [8563]

O61 - LFC:Last File Created 14/08/2010 - 14:59:31 ---A- C:\Users\jeanpaul\Documents\cc_20100814_155928.reg [10996]

O61 - LFC:Last File Created 14/08/2010 - 15:00:44 ---A- C:\Users\jeanpaul\Downloads\MaConfig_4_2_1_1(2).exe [3149696]

O61 - LFC:Last File Created 14/08/2010 - 18:58:04 ---A- C:\Users\jeanpaul\AppData\Roaming\Microsoft\MSN Messenger\sqmnoopt00.sqm [836]

O61 - LFC:Last File Created 14/08/2010 - 18:58:04 ---A- C:\Users\jeanpaul\AppData\Roaming\Microsoft\MSN Messenger\sqmnoopt01.sqm [284]

O61 - LFC:Last File Created 14/08/2010 - 18:58:04 ---A- C:\Users\jeanpaul\Tracing\WindowsLiveMessenger-uccapi-0.uccapilog [17933]

O61 - LFC:Last File Created 14/08/2010 - 20:02:57 ---A- C:\Users\jeanpaul\AppData\Local\Temp\~DF9684.tmp [32768]

O61 - LFC:Last File Created 14/08/2010 - 20:18:05 ---A- C:\Users\jeanpaul\AppData\Roaming\Microsoft\HTML Help\hh.dat [9606]

O61 - LFC:Last File Created 15/08/2010 - 06:32:15 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Junk [31133]

O61 - LFC:Last File Created 15/08/2010 - 06:35:53 ---A- C:\Users\jeanpaul\AppData\Local\Temp\nsmail.wmv [5990599]

O61 - LFC:Last File Created 15/08/2010 - 06:36:41 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\Local Folders-1\Sent.msf [2938]

O61 - LFC:Last File Created 15/08/2010 - 06:36:41 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Archives.msf [2330]

O61 - LFC:Last File Created 15/08/2010 - 06:36:41 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Archives.sbd\2008.msf [4954]

O61 - LFC:Last File Created 15/08/2010 - 06:36:41 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Archives.sbd\2009.msf [16991]

O61 - LFC:Last File Created 15/08/2010 - 06:36:41 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Archives.sbd\2010.msf [7648]

O61 - LFC:Last File Created 15/08/2010 - 06:36:41 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Archives.sbd\2010.sbd\christiane.msf [17921]

O61 - LFC:Last File Created 15/08/2010 - 06:36:41 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Archives.sbd\2010.sbd\foncia.msf [23222]

O61 - LFC:Last File Created 15/08/2010 - 06:36:41 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Archives.sbd\sanders.msf [6598]

O61 - LFC:Last File Created 15/08/2010 - 06:37:27 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\abook.mab [68329]

O61 - LFC:Last File Created 15/08/2010 - 06:37:54 ---A- C:\Users\jeanpaul\AppData\Local\Temp\svhc2.tmp [28663]

O61 - LFC:Last File Created 15/08/2010 - 06:37:59 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\gallery\Inga_Jankauskaite_-_Laseliai (6).wav [877904]

O61 - LFC:Last File Created 15/08/2010 - 06:37:59 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\gallery\sg30.sdg [219808]

O61 - LFC:Last File Created 15/08/2010 - 06:37:59 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\gallery\sg30.sdv [2048]

O61 - LFC:Last File Created 15/08/2010 - 06:37:59 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\gallery\sg30.thm [30632]

O61 - LFC:Last File Created 15/08/2010 - 06:38:03 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\stamp.sys [1]

O61 - LFC:Last File Created 15/08/2010 - 06:38:04 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Histories.xcu [1020]

O61 - LFC:Last File Created 15/08/2010 - 06:38:06 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\localstore.rdf [35863]

O61 - LFC:Last File Created 15/08/2010 - 06:38:13 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Recovery.xcu [1881]

O61 - LFC:Last File Created 15/08/2010 - 06:38:13 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Views.xcu [9995]

O61 - LFC:Last File Created 15/08/2010 - 06:38:15 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Office\Common.xcu [3287]

O61 - LFC:Last File Created 15/08/2010 - 06:38:15 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\registry\data\org\openoffice\Setup.xcu [1816]

O61 - LFC:Last File Created 15/08/2010 - 06:38:15 ---A- C:\Users\jeanpaul\AppData\Roaming\OpenOffice.org\3\user\uno_packages\cache\log.txt [99004]

O61 - LFC:Last File Created 15/08/2010 - 06:39:31 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\Local Folders-1\Inbox.msf [2620]

O61 - LFC:Last File Created 15/08/2010 - 06:39:31 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\Local Folders-1\Trash.msf [2384]

O61 - LFC:Last File Created 15/08/2010 - 06:39:31 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Sent [38507584]

O61 - LFC:Last File Created 15/08/2010 - 06:39:31 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\smart mailboxes\Sent.msf [2070]

O61 - LFC:Last File Created 15/08/2010 - 06:39:31 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\downloads.sqlite [10240]

O61 - LFC:Last File Created 15/08/2010 - 06:39:31 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\mimeTypes.rdf [8475]

O61 - LFC:Last File Created 15/08/2010 - 06:44:45 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\config.dat [778]

O61 - LFC:Last File Created 15/08/2010 - 06:44:45 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\link.txt [126]

O61 - LFC:Last File Created 15/08/2010 - 06:44:45 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\local.dat [87]

O61 - LFC:Last File Created 15/08/2010 - 06:44:45 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\news.txt [60]

O61 - LFC:Last File Created 15/08/2010 - 06:44:45 ---A- C:\Users\All Users\Malwarebytes\Malwarebytes' Anti-Malware\rules.ref [5436058]

O61 - LFC:Last File Created 15/08/2010 - 06:49:30 ---A- C:\Users\jeanpaul\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-2010-08-15 (07-49-30).txt [1047]

O61 - LFC:Last File Created 15/08/2010 - 07:09:32 ---A- C:\Users\jeanpaul\AppData\Local\Temp\DMIF239.tmp [0]

O61 - LFC:Last File Created 15/08/2010 - 07:14:29 ---A- C:\Users\jeanpaul\Downloads\MaConfig_4_2_1_1(3).exe [3149696]

O61 - LFC:Last File Created 15/08/2010 - 07:18:29 ---A- C:\Users\jeanpaul\AppData\Local\ATI\ACE\Manifest.Bin [29528]

O61 - LFC:Last File Created 15/08/2010 - 07:18:29 ---A- C:\Users\jeanpaul\AppData\Local\ATI\ACE\Manifest.xml [23574]

O61 - LFC:Last File Created 15/08/2010 - 07:20:22 ---A- C:\Users\jeanpaul\AppData\Roaming\Microsoft\MMC\eventvwr [89017]

O61 - LFC:Last File Created 15/08/2010 - 07:32:46 ---A- C:\Users\jeanpaul\AppData\Local\ATI\ACE\Profiles.xml [22250]

O61 - LFC:Last File Created 15/08/2010 - 07:55:09 ---A- C:\Users\jeanpaul\AppData\Local\Temp\DMIC86D.tmp [0]

O61 - LFC:Last File Created 15/08/2010 - 07:55:16 ---A- C:\Users\jeanpaul\AppData\Local\Temp\DMIE24F.tmp [0]

O61 - LFC:Last File Created 15/08/2010 - 07:56:01 ---A- C:\Users\jeanpaul\AppData\Local\Temp\~DF525A.tmp [16384]

O61 - LFC:Last File Created 15/08/2010 - 07:59:58 ---A- C:\Users\jeanpaul\AppData\Local\Temp\~DF9290.tmp [16384]

O61 - LFC:Last File Created 15/08/2010 - 08:04:23 ---A- C:\Users\All Users\ma-config.com\Logs\maconfservice.txt [3634]

O61 - LFC:Last File Created 15/08/2010 - 09:12:48 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Sent.msf [9480]

O61 - LFC:Last File Created 15/08/2010 - 09:51:40 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\Local Folders-1\Junk.msf [3030]

O61 - LFC:Last File Created 15/08/2010 - 09:56:40 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Junk.msf [3470]

O61 - LFC:Last File Created 15/08/2010 - 09:58:16 --HA- C:\Users\jeanpaul\AppData\Local\IconCache.db [1943834]

O61 - LFC:Last File Created 15/08/2010 - 09:58:17 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Trash [0]

O61 - LFC:Last File Created 15/08/2010 - 09:58:17 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Trash.msf [1794]

O61 - LFC:Last File Created 15/08/2010 - 09:58:17 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\smart mailboxes\Junk.msf [1991]

O61 - LFC:Last File Created 15/08/2010 - 09:58:17 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\smart mailboxes\Trash.msf [10248]

O61 - LFC:Last File Created 15/08/2010 - 09:58:17 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\cookies.sqlite [7168]

O61 - LFC:Last File Created 15/08/2010 - 10:00:40 ---A- C:\Users\jeanpaul\AppData\Local\Temp\jeanpaul.bmp [31832]

O61 - LFC:Last File Created 15/08/2010 - 14:30:14 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\pluginreg.dat [9785]

O61 - LFC:Last File Created 15/08/2010 - 14:30:17 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Inbox [17934101]

O61 - LFC:Last File Created 15/08/2010 - 14:30:17 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\popstate.dat [64]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\_CACHE_001_ [1547570]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\_CACHE_002_ [1537100]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Local\Thunderbird\Profiles\yq5s2xc5.default\Cache\_CACHE_MAP_ [65812]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\pop.orange-1.fr\Inbox.msf [18198]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\Mail\smart mailboxes\Inbox.msf [2434]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\cert8.db [65536]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\folderTree.json [1171]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\global-messages-db.sqlite [1748992]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\key3.db [16384]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\panacea.dat [7038]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\prefs.js [17128]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\session.json [375]

O61 - LFC:Last File Created 15/08/2010 - 14:30:44 ---A- C:\Users\jeanpaul\AppData\Roaming\Thunderbird\Profiles\yq5s2xc5.default\virtualFolders.dat [762]

O61 - LFC:Last File Created 15/08/2010 - 14:43:26 ---A- C:\Users\jeanpaul\AppData\Local\Temp\~DF7A28.tmp [114688]

O61 - LFC:Last File Created 15/08/2010 - 14:43:59 ---A- C:\Users\jeanpaul\AppData\Local\Temp\INMEM000.REM [0]

 

 

---\\ Liste des outils de nettoyage (LATC) (O63)

O63 - Logiciel: HiJackThis - (.Trend Micro.)

O63 - Logiciel: Toolbar SD - (.IDN Team.)

O63 - Logiciel: ToolsCleaner - (.A.Rothstein & dj QUIOU.)

 

 

---\\ Liste des services Legacy (LALS) (O64)

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avgntflt.sys - avgntflt (avgntflt) .(.Avira GmbH - Avira Minifilter Driver.) - LEGACY_AVGNTFLT

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\avipbb.sys - avipbb (avipbb) .(.Avira GmbH - Avira Driver for Security Enhancement.) - LEGACY_AVIPBB

O64 - Services: CurCS - (.not file.) - Beep (Beep) .(.Pas de propriétaire - Pas de description.) - LEGACY_BEEP

O64 - Services: CurCS - (.not file.) - cpuz134 (cpuz134) .(.Pas de propriétaire - Pas de description.) - LEGACY_CPUZ134

O64 - Services: CurCS - (.not file.) - No object (No service) .(.Pas de propriétaire - Pas de description.) - LEGACY_DRIVERHARDWAREV2

O64 - Services: CurCS - (.not file.) - Symantec Eraser Control driver (eeCtrl) .(.Pas de propriétaire - Pas de description.) - LEGACY_EECTRL

O64 - Services: CurCS - (.not file.) - FAT12/16/32 File System Driver (fastfat) .(.Pas de propriétaire - Pas de description.) - LEGACY_FASTFAT

O64 - Services: CurCS - C:\Windows\system32\Drivers\fsbts.sys - fsbts (fsbts) .(.Pas de propriétaire - Pas de description.) - LEGACY_FSBTS

O64 - Services: CurCS - (.not file.) - mbr (mbr) .(.Pas de propriétaire - Pas de description.) - LEGACY_MBR

O64 - Services: CurCS - C:\Windows\system32\Drivers\PCAMp50.sys - PCAMp50 NDIS Protocol Driver (PCAMp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 MPR Protocol Driver.) - LEGACY_PCAMP50

O64 - Services: CurCS - C:\Windows\system32\Drivers\PCASp50.sys - PCASp50 NDIS Protocol Driver (PCASp50) .(.Printing Communications Assoc., Inc. (PCAUS - PCAUSA NDIS 5.0 SPR Protocol Driver.) - LEGACY_PCASP50

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\psi_mf.sys - PSI (PSI) .(.Secunia - Secunia PSI Driver.) - LEGACY_PSI

O64 - Services: CurCS - (.not file.) - RDP Winstation Driver (RDPWD) .(.Pas de propriétaire - Pas de description.) - LEGACY_RDPWD

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\RtNdPt60.sys - Realtek NDIS Protocol Driver (RtNdPt60) .(.Windows ® Codename Longhorn DDK provider - NDIS User mode I/O Driver.) - LEGACY_RTNDPT60

O64 - Services: CurCS - (.not file.) - SASKUTIL (SASKUTIL) .(.Pas de propriétaire - Pas de description.) - LEGACY_SASKUTIL

O64 - Services: CurCS - (.not file.) - Security Driver (secdrv) .(.Pas de propriétaire - Pas de description.) - LEGACY_SECDRV

O64 - Services: CurCS - (.not file.) - Security Processor Loader Driver (spldr) .(.Pas de propriétaire - Pas de description.) - LEGACY_SPLDR

O64 - Services: CurCS - (.not file.) - Spyware Terminator Driver 2 (sp_rsdrv2) .(.Pas de propriétaire - Pas de description.) - LEGACY_SP_RSDRV2

O64 - Services: CurCS - C:\Windows\system32\DRIVERS\ssmdrv.sys - ssmdrv (ssmdrv) .(.Avira GmbH - AVIRA SnapShot Driver.) - LEGACY_SSMDRV

O64 - Services: CurCS - (.not file.) - SYMTDI (SYMTDI) .(.Pas de propriétaire - Pas de description.) - LEGACY_SYMTDI

O64 - Services: CurCS - C:\Windows\system32\drivers\vsmraid.sys - vsmraid (vsmraid) .(.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR X86-32.) - LEGACY_VSMRAID

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCU\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.com> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.exe> <>[HKU\..\open\Command] (.Not Key.)

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.com> <comfile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.evt> <evtfile>[HKCR\..\open\Command] (.Microsoft Corporation - Lanceur du composant logiciel enfichable Observateur d'événements.) -- C:\Windows\system32\eventvwr.exe

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] "%1" %* (.not file.)

O67 - Shell Spawning: <.html> <FirefoxHTML>[HKCR\..\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\Windows\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\Windows\regedit.exe

 

 

---\\ Start Menu Internet (SMI) (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe

 

 

---\\ Search Browser Infection (SBI) (O69)

O69 - SBI: SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A}- (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes {9D5BD211-422C-4164-9298-BB4186A30F31} [DefaultScope] - (Bing) - Bing

 

 

---\\ Recherche d'infection Master Boot Record (O80)

Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, GMER - Rootkit Detector and Remover

Run by jeanpaul at 15/08/2010 16:27:30

device: opened successfully

user: MBR read successfully

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys

kernel: MBR read successfully

user & kernel MBR OK

 

 

 

End of the scan (950 lines in 05mn 36s)
